Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

portal

Posted on 2004-08-11
1
Medium Priority
?
658 Views
Last Modified: 2013-12-04
Hi,

I have always portal as startpage in internet explorer.
I have win 98 se
I have run CWShredder and adaware.
After runnig adaware my original startpage is back but after a while the portal is back.
I also installed google toolbar. It seems that the installation was succesful, but the toolbar doesn't appear.
Here is the hijacklog

Logfile of HijackThis v1.98.0
Scan saved at 21:14:39, on 11/08/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\MDM.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\SRV.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\HIJACKTHIS1980.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
file:///C:/Program%20Files/Plus18Point/Portal/portal.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Startpagina =
file:///C:/Program%20Files/Plus18Point/Portal/portal.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
Koppelingen
F1 - win.ini: run=hpfsched
O2 - BHO: (no name) - {49E0E0F0-5C30-11D4-945D-000000000000} -
C:\WINDOWS\SYSTEM\IEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program
files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [Taakcontrole] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Classes] C:\WINDOWS\SYSTEM\SRV.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [Machine Debug Manager] C:\WINDOWS\SYSTEM\MDM.EXE
O4 - HKLM\..\RunServices: [avast!] C:\Program Files\Alwil
Software\Avast4\ashServ.exe
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
Office\Office\OSA9.EXE
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM
FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: Opgeslagen momentopname van de pagina -
res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Gelijkwaardige pagina's - res://C:\PROGRAM
FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
O8 - Extra context menu item: Koppelingspagina's - res://C:\PROGRAM
FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html


0
Comment
Question by:1pc
1 Comment
 
LVL 65

Accepted Solution

by:
SheharyaarSaahil earned 2000 total points
ID: 11778454
Hello 1pc =)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
file:///C:/Program%20Files/Plus18Point/Portal/portal.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Startpagina =
file:///C:/Program%20Files/Plus18Point/Portal/portal.html
O2 - BHO: (no name) - {49E0E0F0-5C30-11D4-945D-000000000000} -
C:\WINDOWS\SYSTEM\IEHelper.dll
==========================================================

Fix these entries,,,, and run these tools in Safemode to make sure that the system is clean from all junk stuff !!!!

========================================================
AdAware ==> http://www.lavasoftusa.com/support/download/
SpyBot  ==> http://www.spychecker.com/program/spybot.html
CoolWebShredder ==> http://www.spychecker.com/program/coolwebshredder.html
ToolBar Cop >> http://www.mvps.org/sramesh2k/toolbarcop.htm
Stinger >> http://vil.nai.com/vil/stinger
========================================================

!! GOOD LUCK !!
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As I write this article, I am finishing cleanup from the Qakbot virus variant found in the wild on April 18, 2011.  It was a messy beast that had varying levels of infection, speculated as being dependent on how long it resided on the infected syste…
This is a guide to the following problem (not exclusive but here) on Windows: Users need our support and we supporters often use global administrative accounts to do this. Using these accounts safely is a real challenge. Any admin who takes se…
Look below the covers at a subform control , and the form that is inside it. Explore properties and see how easy it is to aggregate, get statistics, and synchronize results for your data. A Microsoft Access subform is used to show relevant calcul…
How can you see what you are working on when you want to see it while you to save a copy? Add a "Save As" icon to the Quick Access Toolbar, or QAT. That way, when you save a copy of a query, form, report, or other object you are modifying, you…
Suggested Courses
Course of the Month13 days, 19 hours left to enroll

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question